<?php

//验证用户登陆

include 'inc/conn.php';

$username = trim($_POST['username']);
$userpasswd = md5(trim($_POST['userpasswd']));

$returnJson = array(
    'code' => 0,
    'message' => ''
);

//验证数据是否为空
if (empty($username) || empty($userpasswd)) {
    $returnJson['code'] = 401;
    $returnJson['message'] = '提示：提交数据有误';
    echo json_encode($returnJson);
    die();
}

$sql = "SELECT userpasswd FROM blog_admin_user WHERE username='".htmlspecialchars($username, ENT_QUOTES)."' ";
$res = mysqli_query($conn, $sql);

if (!($rwt=mysqli_fetch_array($res))) {
    $returnJson['code'] = 501;
    $returnJson['message'] = '提示：用户名有误';
    echo json_encode($returnJson);
    die();
}

if ($userpasswd != $rwt['userpasswd']) {
    $returnJson['code'] = 502;
    $returnJson['message'] = '提示：用户密码有误';
    echo json_encode($returnJson);
    die();
}

$returnJson['code'] = 200;
$returnJson['message'] = '提示：登陆成功';
echo json_encode($returnJson);

//需要记录用户的信息  用的是PHP中的$_SESSION

$_SESSION['username'] = $username;
